Merge branch 'dev'

.github/workflows/analysis.yml

@@ -13,31 +13,19 @@ jobs:
       - name: Checkout Source
         uses: actions/checkout@v4
 
-      - name: Setup Go
-        uses: actions/setup-go@v5
-        with:
-          go-version: 1.22.x
-          cache: false
-
-      - name: Static Code Analysis
-        uses: golangci/golangci-lint-action@v4
-        with:
-          args: |
-            --timeout 5m --out-${NO_FUTURE}format colored-line-number --enable errcheck,gosimple,govet,ineffassign,staticcheck,typecheck,unused,gocritic,asasalint,asciicheck,errchkjson,exportloopref,forcetypeassert,makezero,nilerr,unparam,unconvert,wastedassign,usestdlibvars
+      - name: Setup Go with cache
+        uses: jfrog/.github/actions/install-go-with-cache@main
 
+      - name: Run golangci lint
+        uses: jfrog/.github/actions/golangci-lint@main
   Go-Sec:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Source
         uses: actions/checkout@v4
 
-      - name: Setup Go
-        uses: actions/setup-go@v5
-        with:
-          go-version: 1.22.x
-          cache: false
+      - name: Setup Go with cache
+        uses: jfrog/.github/actions/install-go-with-cache@main
 
-      - name: Run Gosec Security Scanner
-        uses: securego/gosec@master
-        with:
-          args: -exclude G204,G301,G302,G304,G306 -tests -exclude-dir \.*test\.* ./...
+      - name: Run Go-Sec scanner
+        uses: jfrog/.github/actions/gosec-scanner@main

.github/workflows/cla.yml

@@ -9,26 +9,10 @@ jobs:
   CLAssistant:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions-ecosystem/action-regex-match@v2
-        id: sign-or-recheck
+      - name: Run CLA Check
+        uses: jfrog/.github/actions/cla@main
         with:
-          text: ${{ github.event.comment.body }}
-          regex: '\s*(I have read the CLA Document and I hereby sign the CLA)|(recheck)\s*'
-
-      - name: "CLA Assistant"
-        if: ${{ steps.sign-or-recheck.outputs.match != '' || github.event_name == 'pull_request_target' }}
-        # Alpha Release
-        uses: cla-assistant/[email protected]
-        env:
-          # Generated and maintained by GitHub
+          event_comment_body: ${{ github.event.comment.body }}
+          event_name: ${{ github.event_name }}
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          # JFrog organization secret
-          PERSONAL_ACCESS_TOKEN: ${{ secrets.CLA_SIGN_TOKEN }}
-        with:
-          path-to-signatures: 'signed_clas.json'
-          path-to-document: 'https://jfrog.com/cla/'
-          remote-organization-name: 'jfrog'
-          remote-repository-name: 'jfrog-signed-clas'
-          # branch should not be protected
-          branch: 'master'
-          allowlist: bot*
+          CLA_SIGN_TOKEN: ${{ secrets.CLA_SIGN_TOKEN }}

.github/workflows/frogbot-scan-pull-request.yml

@@ -12,6 +12,9 @@ jobs:
     # "frogbot" GitHub environment can approve the pull request to be scanned.
     environment: frogbot
     steps:
+      - name: Setup Go with cache
+        uses: jfrog/.github/actions/install-go-with-cache@main
+
       - uses: jfrog/frogbot@v2
         env:
           JFROG_CLI_LOG_LEVEL: "DEBUG"

.github/workflows/frogbot-scan-repository.yml

@@ -10,12 +10,16 @@ permissions:
   security-events: write
 jobs:
   scan-repository:
+    name: Scan Repository (${{ matrix.branch }} branch)
     runs-on: ubuntu-latest
     strategy:
       matrix:
         # The repository scanning will be triggered periodically on the following branches.
         branch: [ "dev" ]
     steps:
+      - name: Setup Go with cache
+        uses: jfrog/.github/actions/install-go-with-cache@main
+
       - uses: jfrog/frogbot@v2
         env:
           JFROG_CLI_LOG_LEVEL: "DEBUG"

.github/workflows/tests.yml

@@ -29,18 +29,8 @@ jobs:
         with:
           ref: ${{ github.event.pull_request.head.sha }}
 
-      - name: Setup Go
-        uses: actions/setup-go@v5
-        with:
-          go-version: 1.22.2
-          cache: false
-
-      - name: Go Cache
-        uses: actions/cache@v4
-        with:
-          path: ~/go/pkg/mod
-          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
-          restore-keys: ${{ runner.os }}-go-
+      - name: Setup Go with cache
+        uses: jfrog/.github/actions/install-go-with-cache@main
 
       - name: Lint
         run: go vet -v ./...
@@ -55,32 +45,18 @@ jobs:
         os: [ ubuntu, windows, macos ]
     runs-on: ${{ matrix.os }}-latest
     steps:
-      - name: Setup Go
-        uses: actions/setup-go@v5
-        with:
-          go-version: 1.22.2
-          cache: false
-
       - name: Checkout code
         uses: actions/checkout@v4
         with:
           ref: ${{ github.event.pull_request.head.sha }}
 
-      - name: Go Cache
-        uses: actions/cache@v4
+      - name: Setup Go with cache
+        uses: jfrog/.github/actions/install-go-with-cache@main
+
+      - name: Install local Artifactory
+        uses: jfrog/.github/actions/install-local-artifactory@main
         with:
-          path: ~/go/pkg/mod
-          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
-          restore-keys: ${{ runner.os }}-go-
-
-      - name: Setup Artifactory
-        env:
-          setup-url: github.com/jfrog/jfrog-testing-infra/local-rt-setup@latest
-          RTLIC: ${{secrets.RTLIC}}
-          GOPROXY: direct
-        run: |
-          go install ${{ env.setup-url }} || go install ${{ env.setup-url }}
-          ~/go/bin/local-rt-setup
+          RTLIC: ${{ secrets.RTLIC }}
 
       - name: artifactory tests
         run: go test -v github.com/jfrog/jfrog-client-go/tests --timeout 0 --test.${{ matrix.suite }} --ci.runId=${{ runner.os }}-${{ matrix.suite }}
@@ -100,18 +76,8 @@ jobs:
         with:
           ref: ${{ github.event.pull_request.head.sha }}
 
-      - name: Setup Go
-        uses: actions/setup-go@v5
-        with:
-          go-version: 1.22.2
-          cache: false
-
-      - name: Go Cache
-        uses: actions/cache@v4
-        with:
-          path: ~/go/pkg/mod
-          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
-          restore-keys: ${{ runner.os }}-go-
+      - name: Setup Go with cache
+        uses: jfrog/.github/actions/install-go-with-cache@main
 
       - name: ${{ matrix.suite }} tests
         run: go test -v github.com/jfrog/jfrog-client-go/tests --timeout 0 --test.${{ matrix.suite }} --rt.url=${{ secrets.PLATFORM_URL }}/artifactory --ds.url=${{ secrets.PLATFORM_URL }}/distribution --xr.url=${{ secrets.PLATFORM_URL }}/xray --xsc.url=${{ secrets.PLATFORM_URL }}/xsc --access.url=${{ secrets.PLATFORM_URL }}/access --rt.user=${{ secrets.PLATFORM_USER }} --rt.password=${{ secrets.PLATFORM_PASSWORD }} --access.token=${{ secrets.PLATFORM_ADMIN_TOKEN }} --ci.runId=${{ runner.os }}-${{ matrix.suite }}
@@ -126,18 +92,8 @@ jobs:
         with:
           ref: ${{ github.event.pull_request.head.sha }}
 
-      - name: Setup Go
-        uses: actions/setup-go@v5
-        with:
-          go-version: 1.22.2
-          cache: false
-
-      - name: Go Cache
-        uses: actions/cache@v4
-        with:
-          path: ~/go/pkg/mod
-          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
-          restore-keys: ${{ runner.os }}-go-
+      - name: Setup Go with cache
+        uses: jfrog/.github/actions/install-go-with-cache@main
 
       - name: pipelines tests
         run: go test -v github.com/jfrog/jfrog-client-go/tests --timeout 0 --test.pipelines --rt.url=${{ secrets.PLATFORM_URL }}/artifactory --pipe.url=${{ secrets.PLATFORM_URL }}/pipelines --rt.user=${{ secrets.PLATFORM_USER }} --rt.password=${{ secrets.PLATFORM_PASSWORD }} --pipe.accessToken=${{ secrets.PLATFORM_ADMIN_TOKEN }} --pipe.vcsToken=${{ secrets.CLI_PIPE_VCS_TOKEN }} --pipe.vcsRepo=${{ secrets.CLI_PIPE_VCS_REPO }} --pipe.vcsBranch=${{ secrets.CLI_PIPE_VCS_BRANCH }} --ci.runId=${{ runner.os }}_pipe
@@ -147,32 +103,18 @@ jobs:
     name: repositories ubuntu-latest
     runs-on: ubuntu-latest
     steps:
-      - name: Setup Go
-        uses: actions/setup-go@v5
-        with:
-          go-version: 1.22.2
-          cache: false
-
       - name: Checkout code
         uses: actions/checkout@v4
         with:
             ref: ${{ github.event.pull_request.head.sha }}
 
-      - name: Go Cache
-        uses: actions/cache@v4
+      - name: Setup Go with cache
+        uses: jfrog/.github/actions/install-go-with-cache@main
+
+      - name: Install local Artifactory
+        uses: jfrog/.github/actions/install-local-artifactory@main
         with:
-          path: ~/go/pkg/mod
-          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
-          restore-keys: ${{ runner.os }}-go-
-
-      - name: Setup Artifactory
-        env:
-          setup-url: github.com/jfrog/jfrog-testing-infra/local-rt-setup@latest
-          RTLIC: ${{secrets.RTLIC}}
-          GOPROXY: direct
-        run: |
-          go install ${{ env.setup-url }} || go install ${{ env.setup-url }}
-          ~/go/bin/local-rt-setup
+          RTLIC: ${{ secrets.RTLIC }}
 
       - name: Repositories tests
         run: go test -v github.com/jfrog/jfrog-client-go/tests --timeout 0 --test.repositories

README.md

@@ -153,6 +153,9 @@
       - [Get an Xray Policy](#get-an-xray-policy)
       - [Update an Xray Policy](#update-an-xray-policy)
       - [Delete an Xray Policy](#delete-an-xray-policy)
+      - [Create an Xray Ignore Rule](#create-an-xray-ignore-rule)
+      - [Get an Xray Ignore Rule](#get-an-xray-ignore-rule)
+      - [Delete an Xray Ignore Rule](#delete-an-xray-ignore-rule)
       - [Add Builds to Indexing Configuration](#add-builds-to-indexing-configuration)
       - [Request Graph Scan](#request-graph-scan)
       - [Retrieve the Graph Scan Results](#retrieve-the-graph-scan-results)
@@ -1985,6 +1988,91 @@ err := xrayManager.UpdatePolicy(*policy)
 err := xrayManager.DeletePolicy("example-policy")
 ```
 
+#### Create an Xray Ignore Rule
+
+```go
+params := utils.NewIgnoreRuleParams()
+params.Notes := "random-notes-for-ignore-rules"
+params.ExpiredAt := time.Date(year int, month Month, day, hour, min, sec, nsec int, loc *Location)
+params.IgnoreFilters := IgnoreFilters{
+  Vulnerabilities: []string{"XRAY-12345", "XRAY-67891"},
+  Licenses: []string{"MIT", "BSD"},
+  CVEs: []string{"CVE-2021-1234", "CVE-2022-5678"},
+  Policies: []string{"policy-name-1", "policy-name-2"},
+  Watches: []string{"watch-name-1", "watch-name-2"},
+  DockerLayers: []string{"0503825856099e6adb39c8297af09547f69684b7016b7f3680ed801aa310baaa"},
+  OperationalRisks: []string{"any"},
+  Exposures: []ExposuresFilterName{
+    {
+      FilePath: []string{"/path/to/file1", "/path/to/file2"},
+      Scanners: []string{"EXP-12345"},
+      Catagories: []ExposuresCatagories{
+        {
+          Secrets: true,
+          Services: true,
+          Applications: true,
+          Iac: true,
+        },
+      },
+    },
+  },
+  ReleaseBundles: []IgnoreFilterNameVersion{
+    {
+      Name: "RB-name",
+      Version: "0.0.0",
+    },
+    {
+      Name: "RB-name-2",
+      Version: "1.2.3",
+    },
+  },
+  Builds: []IgnoreFilterNameVersion{
+    {
+      Name: "build-name",
+      Version: "0.0.0",
+    },
+    {
+      Name: "build-name-2",
+      Version: "1.2.3",
+    },
+  },
+  Components: []IgnoreFilterNameVersion{
+    {
+      Name: "component-name",
+      Version: "0.0.0",
+    },
+    {
+      Name: "component-name-2",
+      Version: "1.2.3",
+    },
+  },
+  Arti: []IgnoreFilterNameVersion{
+    {
+      Name: "artifact-name",
+      Version: "0.0.0",
+    },
+    {
+      Name: "artifact-name-2",
+      Version: "1.2.3",
+    },
+  },
+}
+
+ignoreRuleIgnoreId, err := xrayManager.CreateIgnoreRule(params)
+```
+
+#### Get an Xray Ignore Rule
+
+```go
+ignoreRule, err := xrayManager.GetIgnoreRule("ignore-rule-id")
+```
+
+#### Delete an Xray Ignore Rule
+
+```go
+err := xrayManager.DeleteIgnoreRule("ignore-rule-id")
+```
+
 #### Add Builds to Indexing Configuration
 
 ```go

artifactory/services/upload.go

@@ -965,7 +965,9 @@ func (us *UploadService) addFileToZip(artifact *clientutils.Artifact, progressPr
 		return err
 	}
 	defer func() {
-		err = errors.Join(err, errorutils.CheckError(file.Close()))
+		if file != nil {
+			err = errors.Join(err, errorutils.CheckError(file.Close()))
+		}
 	}()
 	if us.Progress != nil {
 		progressReader := us.Progress.NewProgressReader(info.Size(), progressPrefix, localPath)

artifactory/services/utils/multipartupload.go

@@ -234,7 +234,9 @@ func (mu *MultipartUpload) uploadPart(logMsgPrefix, localPath string, fileSize,
 		return errorutils.CheckError(err)
 	}
 	defer func() {
-		err = errors.Join(err, errorutils.CheckError(file.Close()))
+		if file != nil {
+			err = errors.Join(err, errorutils.CheckError(file.Close()))
+		}
 	}()
 	if _, err = file.Seek(partId*chunkSize, io.SeekStart); err != nil {
 		return errorutils.CheckError(err)

go.mod

@@ -10,7 +10,7 @@ require (
 	github.com/golang-jwt/jwt/v4 v4.5.0
 	github.com/gookit/color v1.5.4
 	github.com/jfrog/archiver/v3 v3.6.1
-	github.com/jfrog/build-info-go v1.9.29
+	github.com/jfrog/build-info-go v1.9.30
 	github.com/jfrog/gofrog v1.7.4
 	github.com/minio/sha256-simd v1.0.1
 	github.com/stretchr/testify v1.9.0
@@ -22,7 +22,7 @@ require (
 
 require (
 	dario.cat/mergo v1.0.0 // indirect
-	github.com/CycloneDX/cyclonedx-go v0.8.0 // indirect
+	github.com/CycloneDX/cyclonedx-go v0.9.0 // indirect
 	github.com/Microsoft/go-winio v0.6.1 // indirect
 	github.com/andybalholm/brotli v1.1.0 // indirect
 	github.com/cloudflare/circl v1.3.7 // indirect
@@ -58,6 +58,6 @@ require (
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
 
-// replace github.com/jfrog/build-info-go => github.com/eyalbe4/build-info-go v1.8.6-0.20240610015232-844595d5a4f3
+// replace github.com/jfrog/build-info-go => github.com/eyalbe4/build-info-go v1.8.9-0.20240723132035-980d2c84b738
 
 // replace github.com/jfrog/gofrog => github.com/jfrog/gofrog dev